Earlier today, some people on Mastodon were debating in German over which messaging platform was better: XMPP or Matrix (which originally began with the survey below). I confess that I was partly responsible for starting the ensuing debate, though not intentionally! This prompted me to research the subject more.
It’s interesting that on Matrix.org’s FAQ, they address this very subject with the question “What’s the difference between Matrix and XMPP?”
We think of Matrix and XMPP as being quite different; at its core Matrix can be thought of as an eventually consistent global JSON db with an HTTP API and pubsub semantics – whilst XMPP can be thought of as a message passing protocol. You can use them both to build chat systems; you can use them both to build pubsub systems; each comes with different tradeoffs. Matrix has a deliberately extensive ‘kitchen sink’ baseline of functionality; XMPP has a deliberately minimal baseline set of functionality. If XMPP does what you need it to do, then we’re genuinely happy for you! Meanwhile, rather than competing, an XMPP Bridge like Skaverat’s xmpptrix beta or jfred’s matrix-xmpp-bridge or Matrix.org’s own purple-matrix has potential to let both environments coexist and make the most of each other’s benefits.
The whole area of XMPP vs Matrix is quite subjective. Rather than fighting over which open interoperable communication standard works the best, we should just collaborate and bridge everything together. The more federation and interoperability the better.
They make a good point, especially “If XMPP does what you need it to do, then we’re generally happy for you!” XMPP, as opposed to Matrix, is a protocol (Extensible Messaging and Presence Protocol), that has been around since 1999. If you trust its official website, they say it is:
Secure — any XMPP server may be isolated from the public network (e.g., on a company intranet) and robust security using SASL and TLS has been built into the core XMPP specifications. In addition, the XMPP developer community is actively working on end-to-end encryption to raise the security bar even further.
Part of its security may depend on the individual client used, however. There are numerous XMPP clients for different operating systems, such as Pidgin, Profanity, ChatSecure, and Gajim (links go their official sites).
One interesting feature of Gajim is OMEMO, which is an XMPP Extension Protocol for secure multi-client end-to-end encryption. To quote conversations.im:
The OMEMO encryption /oˈmiːmoʊ/ (OMEMO Multi-End Message and Object Encryption) gives you all the advantages you would expect from a modern-day encryption protocol like Future and Forward Secrecy and deniability while allowing you to keep the benefits of message synchronization and offline delivery.
OMEMO not only gives you a better encryption features than OpenPGP and OTR but is also much easier to setup. OMEMO is the encryption you can actually use in your daily life. Turn it on once and forget you ever did.
There are other differences, to be sure. XMPP vs Matrix – WIKI shows a side-by-side comparison of some of them, which makes it a little more convenient.
What are your thoughts? Which messaging protocol is better, and what are your experiences with them?